jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

move startup logic to platform.js

Browse Source
This commit is contained in:
Girish Ramakrishnan
2023-08-12 19:28:07 +05:30
parent 559125cd3c
commit 070f6e5de3
7 changed files with 155 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/platform.js
+128 -69
View File
@@ -1,8 +1,10 @@
'use strict';
exports = module.exports = {
start,
stopAllTasks,
initialize,
uninitialize,
onActivated,
getStatus
};
@@ -12,11 +14,16 @@ const apps = require('./apps.js'),
AuditSource = require('./auditsource.js'),
BoxError = require('./boxerror.js'),
constants = require('./constants.js'),
cron = require('./cron.js'),
dashboard = require('./dashboard.js'),
database = require('./database.js'),
debug = require('debug')('box:platform'),
docker = require('./docker.js'),
dockerProxy = require('./dockerproxy.js'),
fs = require('fs'),
infra = require('./infra_version.js'),
locker = require('./locker.js'),
oidc = require('./oidc.js'),
paths = require('./paths.js'),
reverseProxy = require('./reverseproxy.js'),
safe = require('safetydance'),
@@ -24,6 +31,8 @@ const apps = require('./apps.js'),
shell = require('./shell.js'),
tasks = require('./tasks.js'),
timers = require('timers/promises'),
updater = require('./updater.js'),
users = require('./users.js'),
volumes = require('./volumes.js'),
_ = require('underscore');
@@ -33,70 +42,6 @@ function getStatus() {
return { message: gStatusMessage };
}
async function start(options) {
if (process.env.BOX_ENV === 'test' && !process.env.TEST_CREATE_INFRA) return;
debug('initializing platform');
let existingInfra = { version: 'none' };
if (fs.existsSync(paths.INFRA_VERSION_FILE)) {
existingInfra = safe.JSON.parse(fs.readFileSync(paths.INFRA_VERSION_FILE, 'utf8'));
if (!existingInfra) existingInfra = { version: 'corrupt' };
}
// short-circuit for the restart case
if (_.isEqual(infra, existingInfra)) {
debug('platform is uptodate at version %s', infra.version);
await onPlatformReady(false /* !infraChanged */);
return;
}
debug('Updating infrastructure from %s to %s', existingInfra.version, infra.version);
const error = locker.lock(locker.OP_PLATFORM_START);
if (error) throw error;
for (let attempt = 0; attempt < 5; attempt++) {
try {
if (existingInfra.version !== infra.version) {
gStatusMessage = 'Removing containers for upgrade';
await removeAllContainers();
await createDockerNetwork();
}
if (existingInfra.version === 'none') await volumes.mountAll(); // when restoring, mount all volumes
await markApps(existingInfra, options); // mark app state before we start addons. this gives the db import logic a chance to mark an app as errored
gStatusMessage = 'Starting services, this can take a while';
await services.startServices(existingInfra);
await fs.promises.writeFile(paths.INFRA_VERSION_FILE, JSON.stringify(infra, null, 4));
break;
} catch (error) {
// for some reason, mysql arbitrary restarts making startup tasks fail. this makes the box update stuck
// LOST is when existing connection breaks. REFUSED is when new connection cannot connect at all
const retry = error.reason === BoxError.DATABASE_ERROR && (error.code === 'PROTOCOL_CONNECTION_LOST' || error.code === 'ECONNREFUSED');
debug(`Failed to start services. retry=${retry} (attempt ${attempt}): ${error.message}`);
if (!retry) throw error; // refuse to start
await timers.setTimeout(10000);
}
}
locker.unlock(locker.OP_PLATFORM_START);
await onPlatformReady(true /* infraChanged */);
}
async function stopAllTasks() {
await tasks.stopAllTasks();
}
async function onPlatformReady(infraChanged) {
debug(`onPlatformReady: platform is ready. infra changed: ${infraChanged}`);
gStatusMessage = 'Ready';
if (infraChanged) await safe(pruneInfraImages(), { debug }); // ignore error
await apps.schedulePendingTasks(AuditSource.PLATFORM);
}
async function pruneInfraImages() {
debug('pruneInfraImages: checking existing images');
@@ -142,13 +87,13 @@ async function removeAllContainers() {
await shell.promises.exec('removeAllContainers', 'docker ps -qa --filter \'label=isCloudronManaged\' | xargs --no-run-if-empty docker rm -f');
}
async function markApps(existingInfra, options) {
async function markApps(existingInfra, restoreOptions) {
assert.strictEqual(typeof existingInfra, 'object');
assert.strictEqual(typeof options, 'object');
assert.strictEqual(typeof restoreOptions, 'object');
if (existingInfra.version === 'none') { // cloudron is being restored from backup
debug('markApps: restoring installed apps');
await apps.restoreInstalledApps(options, AuditSource.PLATFORM);
await apps.restoreInstalledApps(restoreOptions, AuditSource.PLATFORM);
} else if (existingInfra.version !== infra.version) {
debug('markApps: reconfiguring installed apps');
reverseProxy.removeAppConfigs(); // should we change the cert location, nginx will not start
@@ -169,3 +114,117 @@ async function markApps(existingInfra, options) {
}
}
}
async function onInfraReady(infraChanged) {
debug(`onInfraReady: platform is ready. infra changed: ${infraChanged}`);
gStatusMessage = 'Ready';
if (infraChanged) await safe(pruneInfraImages(), { debug }); // ignore error
await apps.schedulePendingTasks(AuditSource.PLATFORM);
}
async function startInfra(restoreOptions) {
assert.strictEqual(typeof restoreOptions, 'object');
if (process.env.BOX_ENV === 'test' && !process.env.TEST_CREATE_INFRA) return;
debug('startInfra: checking infrastructure');
let existingInfra = { version: 'none' };
if (fs.existsSync(paths.INFRA_VERSION_FILE)) {
existingInfra = safe.JSON.parse(fs.readFileSync(paths.INFRA_VERSION_FILE, 'utf8'));
if (!existingInfra) existingInfra = { version: 'corrupt' };
}
// short-circuit for the restart case
if (_.isEqual(infra, existingInfra)) {
debug('startInfra: infra is uptodate at version %s', infra.version);
await onInfraReady(false /* !infraChanged */);
return;
}
debug(`startInfra: updating infrastructure from ${existingInfra.version} to ${infra.version}`);
const error = locker.lock(locker.OP_INFRA_START);
if (error) throw error;
for (let attempt = 0; attempt < 5; attempt++) {
try {
if (existingInfra.version !== infra.version) {
gStatusMessage = 'Removing containers for upgrade';
await removeAllContainers();
await createDockerNetwork();
}
if (existingInfra.version === 'none') await volumes.mountAll(); // when restoring, mount all volumes
await markApps(existingInfra, restoreOptions); // mark app state before we start addons. this gives the db import logic a chance to mark an app as errored
gStatusMessage = 'Starting services, this can take a while';
await services.startServices(existingInfra);
await fs.promises.writeFile(paths.INFRA_VERSION_FILE, JSON.stringify(infra, null, 4));
break;
} catch (error) {
// for some reason, mysql arbitrary restarts making startup tasks fail. this makes the box update stuck
// LOST is when existing connection breaks. REFUSED is when new connection cannot connect at all
const retry = error.reason === BoxError.DATABASE_ERROR && (error.code === 'PROTOCOL_CONNECTION_LOST' || error.code === 'ECONNREFUSED');
debug(`startInfra: Failed to start services. retry=${retry} (attempt ${attempt}): ${error.message}`);
if (!retry) throw error; // refuse to start
await timers.setTimeout(10000);
}
}
locker.unlock(locker.OP_INFRA_START);
await onInfraReady(true /* infraChanged */);
}
async function initialize() {
debug('initializing platform');
await database.initialize();
await tasks.stopAllTasks();
// always generate webadmin config since we have no versioning mechanism for the ejs
const { domain:dashboardDomain } = await dashboard.getLocation();
if (dashboardDomain) await safe(reverseProxy.writeDashboardConfig(dashboardDomain), { debug }); // ok to fail if no disk space
// configure nginx to be reachable by IP when not activated. for the moment, the IP based redirect exists even after domain is setup
// just in case user forgot or some network error happenned in the middle (then browser refresh takes you to activation page)
// we remove the config as a simple security measure to not expose IP <-> domain
const activated = await users.isActivated();
if (!activated) {
debug('start: not activated. generating IP based redirection config');
await safe(reverseProxy.writeDefaultConfig({ activated: false }), { debug }); // ok to fail if no disk space
}
await updater.notifyUpdate();
if (await users.isActivated()) safe(onActivated({ skipDnsSetup: false }), { debug }); // run in background
}
async function uninitialize() {
debug('uninitializing platform');
await cron.stopJobs();
await dockerProxy.stop();
await tasks.stopAllTasks();
await database.uninitialize();
}
async function onActivated(restoreOptions) {
assert.strictEqual(typeof restoreOptions, 'object');
debug('onActivated: starting post activation services');
// Starting the infra after a user is available means:
// 1. mail bounces can now be sent to the cloudron owner
// 2. the restore code path can run without sudo (since mail/ is non-root)
await startInfra(restoreOptions);
await cron.startJobs();
await dockerProxy.start(); // this relies on the 'cloudron' docker network interface to be available
await oidc.start(); // this requires dashboardFqdn to be set
// disable responding to api calls via IP to not leak domain info. this is carefully placed as the last item, so it buys
// the UI some time to query the dashboard domain in the restore code path
await timers.setTimeout(30000);
await reverseProxy.writeDefaultConfig({ activated :true });
}